Skip to content
K8SaaS

User

User creation

Section titled “User creation”

This configuration creates a Keycloak user within a specified realm. It includes basic user details, email verification, and password management. You can also reference the group names which the user is assigned to. More details on the user references.

apiVersion: k8saas.io/v1alpha1
kind: KeycloakUser
metadata:
  name: username
spec:
  realmId: k8saas
  username: username
  userConfiguration:
    firstName: John
    lastName: Doe
    email: johndoe@k8saas.io
    emailVerified: true
    initialPassword:
    - valueSecretRef:
        namespace: k8saas-system
        name: keycloak-credentials
        key: password
      temporary: false
  groupIdsRefs:
  - name: auditors
  roleIdsRefs:
  - name: otp-required

The otp-required role is defined by default by K8SaaS and requires the users to authenticate before accessing desired endpoints. This is forcing MFA. Learn more about OTP on the keycloak documentation.

You can add any role to the wanted user using this method.